Log in

View Full Version : Resolved session makes it dissapear


auriaks
11-07-2009, 11:03 AM
Hi,
i have session like this:


<?php
include('db_conn.php');

if(isset($_POST['submit'])) {

$password = md5($_POST['password']);
$q = mysql_query("SELECT * FROM reg_users WHERE Nick='$_POST[nick]' AND Password='$password'") or die(mysql_error());

if($_POST['password'] == '') {
$error .= "";
}
if($_POST['nick'] == '') {
$error .= "";
}

if(mysql_num_rows($q) == 0) {
$error .= "<li></li>";
}

if(isset($error)) {
echo '<font color="#ff0000">';
echo '<ol>'.$error.'</ol></font>';

} else {

$r = mysql_fetch_array( $q ) or die(mysql_error());

session_start();
$_SESSION['nick'] = $_POST['nick'];
$_SESSION['password'] = md5($_POST['password']);
$_SESSION['authID'] = $r['id'];
header("Location: http://www.xz.lt/index.php");
}
}

if($_GET['act'] == 'logout') {
echo '<center><font color="Green">You\'re successfully logged out.</font></center>';
session_unset();
session_destroy(); // remove the entire session
header("Location: http://www.xz.lt/login.php");
}

?>


The thing is, that i want some text be written only when session is on... when i logged i can see, when im not logged i cant. :) i really need help with that. THANKS :)
Nile
11-07-2009, 03:47 PM
Before you unset the session, try giving the value NULL.
auriaks
11-08-2009, 09:22 AM
ant what it changes?
Nile
11-08-2009, 02:58 PM
Wait, lemme see if I understand:
When a user logs in, he makes a session, and that session is outputted to the page. When he logs out you can still see the session. You want him to NOT be able to see the session when logged out.
auriaks
11-08-2009, 03:23 PM
yes... i done it in this way:
i used $secret = 'this is my secret';
and added it to if isset session. then i write somewhere in my page <?php include $secret ?> and it works. But its unsafe i think.
Nile
11-08-2009, 03:27 PM
I fail to see the variable $secret.
fg123
11-08-2009, 09:23 PM
I think the code shown is the one before auriaks added the variable.
auriaks
11-09-2009, 01:17 AM
if sessiom begins there is no errors->>


<?php
if ($error) {} else {
include('db_conn.php');
session_start();

if(isset($_SESSION['authID'])) {
$q = mysql_query("SELECT * FROM reg_users WHERE Nick='$_SESSION[nick]'") or die(mysql_error());
$r = mysql_fetch_array( $q ) or die(mysql_error());
//atsiras
$date = date("Y-m-d");
$count1 = '1';
$nick = $_SESSION['nick'];
mysql_query("UPDATE reg_users SET date = '$date' WHERE nick = '$nick'");
mysql_query("UPDATE reg_users SET count = '$count1' WHERE nick = '$nick'");

$logas = "<a href='index.php?act=logout'>Atsijungti</a>";


} else { }
if($_GET['act'] == 'logout') {
echo '<center><font color="Green">Sėkmingai atsijungėte.</font></center>';
session_unset();
session_destroy(); // remove the entire session
include('db_conn.php');
$count2 = '0';
mysql_query("UPDATE reg_users SET count = '$count2' WHERE nick = '$nick'");
}
}
?>

<html>
<?php echo $logas ?>
</html>

And If everything is good i have logout link :)

If error comes this stops as i choosed if statement. THATS WHAT I MEAN :D THANKS YOU GUYS :)